<?php

ini_set('display_errors',true);

$left="../templates/misc/blank.php";
$data="../templates/logon.php";

if (isset($_GET['action']) && $_GET['action'] == "logout") {
	
	unset($_SESSION);
	
} elseif ( isset($_POST['uid']) ) {	
	
	$userList = simplexml_load_file('../xmldata/users.xml');
	$uid = $_POST['uid'];
	$myUser = "";
	foreach ($userList as $key => $user) {
		if ($user['uid'] == $_POST['uid']) {
			$myUser = $user;
			$pwd = $user->pwd;
		}
	}
	
	if (isset($_POST['pwd']) && (md5($_POST['pwd']) == $pwd ) ) {
		session_start();
		$_SESSION['user'] = $myUser->asXML();
		$u = new SimpleXMLElement($_SESSION['user']);
		$left="../templates/misc/menu.php";
		$data="../templates/welcome.php";
		$userInfo = "../templates/misc/userInfo.php";
		//---- temp
		$_SESSION['project'] = "../xmldata/ProjectsFiles/Project.xml";
		$_SESSION['timesheet'] = "../xmldata/ProjectsFiles/TimeSheet.xml";	
		//---
	} else {
		$alert = 'invalid username/password';
	}
	
} 

include("../templates/main.php");

?>
